Solved

Port a Perl script to PHP

Posted on 2013-05-21
8
385 Views
Last Modified: 2013-05-21
In another experts exchange post, a member helped me create a script that can generate a particular Hex string out of any password you feed it.  Problem is he created it in a pretty efficient perl command, which I can't pretend to read.  I also don't have much experience with Hex overall, so i'm in unfamiliar territory.  

I am looking for a PHP function that will take a single string parameter (a password) and return it's obfuscated hex string.  The example I am supplying was designed to take many passwords and generate many output strings, but I simply want one per function call.

The original Experts Exchange posting is: http://www.experts-exchange.com/Security/Encryption/Q_28134108.html.

Example 1:
perl -le 'for( @ARGV ){$x=0;$x^=$_ for @x=unpack"C*",$_;$x||=0x55; $_+=$x for @x; print unpack("H*",pack"C*",0x7f,$x,@x),"  $_"}' a b c aa bb cc aaa bbb ccc ab ac ad aab aac aad aaaaaaaaaa bbbbbbbbbb  aaaaaaaaab

Open in new window

Generates this:
7f61c2  a
7f62c4  b
7f63c6  c
7f55b6b6  aa
7f55b7b7  bb
7f55b8b8  cc
7f61c2c2c2  aaa
7f62c4c4c4  bbb
7f63c6c6c6  ccc
7f036465  ab
7f026365  ac
7f056669  ad
7f62c3c3c4  aab
7f63c4c4c6  aac
7f64c5c5c8  aad
7f55b6b6b6b6b6b6b6b6b6b6  aaaaaaaaaa
7f55b7b7b7b7b7b7b7b7b7b7  bbbbbbbbbb
7f0364646464646464646465  aaaaaaaaab

Open in new window


Example 2:
perl -le 'for( @ARGV ){$x=0;$x^=$_ for @x=unpack"C*",$_;$x||=0x55; $_+=$x for @x; print unpack("H*",pack"C*",0x7f,$x,@x),"  $_"}' x y z yy yz zy zz za zb az bz ba aba abb baa bab bba aaaa aaab aaba abaa baaa bbbb bbba bbab babb abbb 

Open in new window

Generates this:
7f78f0  x
7f79f2  y
7f7af4  z
7f55cece  yy
7f037c7d  yz
7f037d7c  zy
7f55cfcf  zz
7f1b957c  za
7f18927a  zb
7f1b7c95  az
7f187a92  bz
7f036564  ba
7f62c3c4c3  aba
7f61c2c3c3  abb
7f62c4c3c3  baa
7f61c3c2c3  bab
7f61c3c3c2  bba
7f55b6b6b6b6  aaaa
7f0364646465  aaab
7f0364646564  aaba
7f0364656464  abaa
7f0365646464  baaa
7f55b7b7b7b7  bbbb
7f0365656564  bbba
7f0365656465  bbab
7f0365646565  babb
7f0364656565  abbb

Open in new window


What I am looking for would be something like:
<?php
function encodepassword($str) {
// do the magic

return $encoded;
}

echo  encodepassword('aaab');  // should echo '7F0364646465'
?>

Open in new window


From what I can tell, the encoded string is composed of:
First hex pair is always 7F
Second hex pair is xor of all characters, except replace 00 with 55
Following hex pairs each represent a character in the password, but the second hex pair is subtracted from it
If you need more info just ask or look at the other thread.
0
Comment
Question by:Vorcht12
  • 4
  • 4
8 Comments
 
LVL 109

Expert Comment

by:Ray Paseur
ID: 39185350
Please give me an example of how to figure out the second hex character, thanks.

Please see http://www.laprbass.com/RAY_temp_vorcht12.php

It appears that the second hex character, when converted to binary and subtracted from the value of the other hex characters, results in the binary value of the original clear-text character.  So I can decode the coded strings into the original clear-text.  What I still do not understand is the original mechanism for choosing the second hex character, and as you can see from this example, it could be any of a variety of things -- and still produce an encoded string that can be decoded consistently.

<?php // RAY_temp_vorcht12.php
error_reporting(E_ALL);
echo '<pre>';

// PHP <= 5.3 SEE NOTES: http://php.net/manual/en/function.hex2bin.php

// SOME TEST DATA
$dat = array
( '7F78F0' => 'x'
, '7F79F2' => 'y'
, '7F7AF4' => 'z'
, '7F55CECE' => 'yy'
, '7F037C7D' => 'yz'
, '7F037D7C' => 'zy'
, '7F55CFCF' => 'zz'
, '7F1B957C' => 'za'
, '7F18927A' => 'zb'
, '7F1B7C95' => 'az'
, '7F187A92' => 'bz'
, '7F036564' => 'ba'
, '7F62C3C4C3' => 'aba'
, '7F61C2C3C3' => 'abb'
, '7F62C4C3C3' => 'baa'
, '7F61C3C2C3' => 'bab'
, '7F61C3C3C2' => 'bba'
, '7F55B6B6B6B6' => 'aaaa'
, '7F0364646465' => 'aaab'
, '7F0364646564' => 'aaba'
, '7F0364646564' => 'abaa'
, '7F0365646464' => 'baaa'
, '7F55B7B7B7B7' => 'bbbb'
, '7F0365656564' => 'bbba'
, '7F0365656465' => 'bbab'
, '7F0365646565' => 'babb'
, '7F0364656565' => 'abbb'
, '7f55b6b6b6b6b6b6b6b6b6b6' => 'aaaaaaaaaa'
, '7f55b7b7b7b7b7b7b7b7b7b7' => 'bbbbbbbbbb'
, '7f0364646464646464646465' => 'aaaaaaaaab'

// THESE WORK TOO
, '7F79F1' => 'x'
, '7F7AF2' => 'x'
, '7F7BF3' => 'x'
)
;

foreach ($dat as $key => $str)
{
    // SAVE THIS VALUE FOR PRINTING
    $old = $key;

    // DISCARD THE 7F
    $key = substr($key,2);

    // GRAB THE OFFSET VALUE
    $off = pack("H*", substr($key,0,2));
    $off = ord($off);

    // SPLIT REMAINING HEX SUBSTRINGS INTO CHARACTERS
    $key = substr($key,2);
    $arr = str_split($key,2);

    // SUBTRACT THE OFFSET VALUE FROM THE BINARY
    $chr = NULL;
    foreach ($arr as $ord)
    {
        $ord = pack("H*", $ord);
        $ord = ord($ord);
        $num = $ord - $off;

        // RENDER THE BINARY VALUE AS A CHARACTER
        $chr .= chr($num);
    }

    // REPORT THE RESULTS
    echo PHP_EOL . "$old => $str => $chr";
}

Open in new window

0
 

Author Comment

by:Vorcht12
ID: 39185405
First, I want to make sure you are doing this in the right direction.  The characters on the right are what will be supplied (like 'aaba'), and what I want to create is the hex version.

The second hex set is supposedly a xor of all the characters in the string, except when that value is 00, it is replaced with a 55.  Ozo in the other thread identified that pattern, how I am not sure.  The perl script computes it correctly for all the examples I have provided so far.
0
 
LVL 109

Expert Comment

by:Ray Paseur
ID: 39185434
Yes, I'm doing it in the right direction - I was just working with the pattern I could identify.  If I'm right about how the XOR is computed, I can show you an encode and decode function in a little while.

Is the XOR for  "abc" going to be computed by a XOR b = x, then x XOR c = final bitmap?
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 

Author Comment

by:Vorcht12
ID: 39185490
I'm not sure about the calculation.  I've posted for clarification in the other thread.  Does that method create the appropriate value with the posted examples?
0
 
LVL 109

Accepted Solution

by:
Ray Paseur earned 500 total points
ID: 39185523
This seems to test out OK.  You might add some sanity checks or normalize all the hex strings to one case if you want.
<?php // RAY_temp_vorcht12.php
error_reporting(E_ALL);
echo '<pre>';

// SEE http://www.experts-exchange.com/Web_Development/Web_Languages-Standards/PHP/Q_28134108.html
// SEE http://www.experts-exchange.com/Web_Development/Web_Languages-Standards/PHP/Q_28134741.html
// PHP <= 5.3 SEE NOTES: http://php.net/manual/en/function.hex2bin.php

Class Vorcht12
{
    public function __construct(){}
    public function __destruct(){}
    public function encode($str)
    {
        // IF A SINGLETON
        if (strlen($str) == 1)
        {
            $num = ord($str);
            $two = $num + $num;
            $out = '7f' . dechex($num) . dechex($two);
        }
        else
        {
            // PROCESS CHARACTER BY CHARACTER
            $arr = str_split($str);

            // MAKE XOR TO GET OFFSET OF ALL CHARACTERS(?)
            $off = 0;
            foreach ($arr as $chr)
            {
                $num = ord($chr);
                $off = $off ^ $num;
            }

            // USE HEX 55 IF XOR ELIMINATES ALL BITS
            if (!$off) $off = 0x55;

            // CREATE THE BINARY / HEX REPRESENTATIONS
            $out = '7f' . str_pad(dechex($off), 2, '0', STR_PAD_LEFT);
            foreach ($arr as $chr)
            {
                $num = ord($chr) + $off;
                $out .= str_pad(dechex($num), 2, '0', STR_PAD_LEFT);
            }
        }
        return $out;
    }

    public function decode($key)
    {
        // DISCARD THE 7F
        $key = substr($key,2);

        // GRAB THE OFFSET VALUE
        $off = pack("H*", substr($key,0,2));
        $off = ord($off);

        // SPLIT REMAINING HEX SUBSTRINGS INTO CHARACTERS
        $key = substr($key,2);
        $arr = str_split($key,2);

        // SUBTRACT THE OFFSET VALUE FROM THE BINARY
        $chr = NULL;
        foreach ($arr as $ord)
        {
            $ord = pack("H*", $ord);
            $ord = ord($ord);
            $num = $ord - $off;

            // RENDER THE BINARY VALUE AS A CHARACTER
            $chr .= chr($num);
        }
        return $chr;
    }
}

// SOME TEST DATA
$dat = array
( '7F78F0' => 'x'
, '7F79F2' => 'y'
, '7F7AF4' => 'z'
, '7F55CECE' => 'yy'
, '7F037C7D' => 'yz'
, '7F037D7C' => 'zy'
, '7F55CFCF' => 'zz'
, '7F1B957C' => 'za'
, '7F18927A' => 'zb'
, '7F1B7C95' => 'az'
, '7F187A92' => 'bz'
, '7F036564' => 'ba'
, '7F62C3C4C3' => 'aba'
, '7F61C2C3C3' => 'abb'
, '7F62C4C3C3' => 'baa'
, '7F61C3C2C3' => 'bab'
, '7F61C3C3C2' => 'bba'
, '7F55B6B6B6B6' => 'aaaa'
, '7F0364646465' => 'aaab'
, '7F0364646564' => 'aaba'
, '7F0364646564' => 'abaa'
, '7F0365646464' => 'baaa'
, '7F55B7B7B7B7' => 'bbbb'
, '7F0365656564' => 'bbba'
, '7F0365656465' => 'bbab'
, '7F0365646565' => 'babb'
, '7F0364656565' => 'abbb'
, '7f55b6b6b6b6b6b6b6b6b6b6' => 'aaaaaaaaaa'
, '7f55b7b7b7b7b7b7b7b7b7b7' => 'bbbbbbbbbb'
, '7f0364646464646464646465' => 'aaaaaaaaab'

// THESE DECODE CORRECTLY, TOO
, '7F79F1' => 'x'
, '7F7AF2' => 'x'
, '7F7BF3' => 'x'
)
;

// TEST THE DATA SETS
foreach ($dat as $key => $str)
{
    $new_key = Vorcht12::encode($str);
    $new_str = Vorcht12::decode($key);
    echo PHP_EOL . "$key == <b>$new_key</b>";
    echo PHP_EOL . "$str == <b>$new_str</b>";
    echo PHP_EOL;
}

Open in new window

Best regards, ~Ray
0
 

Author Comment

by:Vorcht12
ID: 39185581
Nicely done Ray!  Thanks a bunch, exactly what I needed.  Tests out perfectly.

--David
0
 

Author Closing Comment

by:Vorcht12
ID: 39185585
Thanks a bunch!
0
 
LVL 109

Expert Comment

by:Ray Paseur
ID: 39185600
Thanks for the points and good luck with your project, ~Ray
0

Featured Post

Is Your AD Toolbox Looking More Like a Toybox?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Introduction HTML checkboxes provide the perfect way for a web developer to receive client input when the client's options might be none, one or many.  But the PHP code for processing the checkboxes can be confusing at first.  What if a checkbox is…
Generating table dynamically is the most common issue faced by php developers.... So it seems there is a need of an article that explains the basic concept of generating tables dynamically. It just requires a basic knowledge of html and little maths…
The viewer will learn how to look for a specific file type in a local or remote server directory using PHP.
The viewer will learn how to create a basic form using some HTML5 and PHP for later processing. Set up your basic HTML file. Open your form tag and set the method and action attributes.: (CODE) Set up your first few inputs one for the name and …

803 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question